Senior Consultant, Restoration and Remediation (Remote)

Surefire CyberHanover, MD
Remote

About The Position

Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats. Our client-centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents – and fortify their cyber resilience after an event. Surefire Cyber’s approach and delivery are designed by industry veterans who have worked shoulder-to­shoulder with law firms, insurance carriers, brokers, law enforcement, and impacted organizations in responding to cyber incidents. We are marshaling this experience to address the industry’s persistent challenges of efficiency, predictability, and transparency.

Requirements

  • Bachelor’s degree in information technology, computer science, related degree, or equivalent former professional experience as an IT Engineer, Systems Administrator, Cybersecurity Consultant, or related position.
  • Previous DFIR and restoration experience in a consulting firm.
  • Professionally skilled in the deployment and management of IT infrastructure, including Microsoft Exchange, M365, Microsoft Windows Server operating systems, and workstations.
  • Expertise in various operating systems (Windows, Linux, MacOS) and their security features.
  • Familiarity with cloud services.
  • Experience in network administration.
  • Experience configuring firewalls, VPN’s, Active Directory, Exchange, Group Policy.
  • Skilled at problem-solving and exhibits a high-level of attention to detail.
  • Can effectively under pressure while maintaining professional composure.
  • Excellent communication skills, both written and verbal, can explain technical concepts to non-technical audiences.
  • Strong interpersonal skills, a team player mentality, and a client-centric mindset.
  • Exceptional organizational skills and the ability to manage multiple competing priorities.

Nice To Haves

  • Expertise in all these areas is not required, but you should be excited by the opportunity to learn new things and comfortable with working with other team members to expand your knowledge base and experience. We at Surefire Cyber invite you to apply even if you do not feel you have mastery in all the requirements listed on the job description and welcome a further discussion.

Responsibilities

  • Actively share knowledge with team members cultivating a culture of continuous learning, and staying up to date on industry trends, emerging threats, and best practices.
  • Build strong professional relationships and serve as a trusted advisor during client-facing incident response engagements, contributing your advanced knowledge and expertise to post-incident recovery efforts.
  • Work closely with the DFIR team to assess and determine the scope and impact of cyber incidents.
  • Utilize experience with Active Directory, Group Policy Objects, ADSI, Windows Security, replication, Azure Active Directory Connect, and other relevant technologies to restore compromised systems.
  • Script and automate recovery processes using PowerShell and Windows command line tools.
  • Leverage experience in hypervisor technologies such as VMware, Hyper-V, Citrix XenServer, and Nutanix Acropolis to restore virtualized environments.
  • Work with various server hardware platforms including HP, Dell, Nutanix, and Cisco UCS.
  • Utilize experience with storage vendors such as Dell EMC, NetApp, HP/Nimble, and Pure Storage to recover data and systems.
  • Implement backup solutions such as Veeam, Backup Exec, Unitrends, and Zerto to ensure data recovery.
  • Manage desktop operating systems and deployments, including Windows 7/8/10/11.
  • Oversee enterprise messaging systems, including Exchange and M365.
  • Handle server-based computing environments, including Citrix and Terminal Services.
  • Leverage networking knowledge, including core switches, wireless access points, firewalls, and VPN configurations.
  • Implement two-factor and multi-factor authentication services such as Okta, DUO, Microsoft Authentication, Ping, RSA, and others.
  • Collaborate with internal teams, external partners, and clients to refine and document all restoration and recovery efforts, maintaining a clear and organized record of actions taken, lessons learned, and best practices.
  • Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.

Benefits

  • Competitive compensation plan and total rewards package for team members
  • Remote workforce
  • Generous paid time off plan and floating holidays
  • Paid parental leave
  • Employer paid premiums for both team members and their dependents for medical, dental, and vision
  • Comprehensive health, vision, dental, 401K matching program, disability, Flexible Spending Accounts (FSA), Health Savings Account (HSA), Life and AD&D benefits.
  • Professional development and career advancement opportunities
  • We prioritize employee growth and development through a robust performance management platform to provide ongoing coaching, clear feedback, recognition, and opportunities for career growth.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service